<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=1678611822423757&amp;ev=PageView&amp;noscript=1">

Over 100,000 Stolen FTP Credentials

Ipswitch Blog| September 22 2010

| security

Here's another reminder for webmasters and server admins that you need to carefully protect your FTP login credentials because people are trying hard to steal them.

Last week SC Magazine wrote about a website containing over 100,000 stolen FTP login credentials.  Network security and management firm Blue Coat discovered the sensitive files, which contained username and password combinations to FTP servers located around the globe.

The really scary part of this story is that most of the compromised passwords were deemed “reasonable strong”, according to Chris Larsen, a security researcher at Blue Coat.   The breach wasn’t the result of weak passwords that were easily hacked or guessed. The credentials were stolen by an attacker who used sophisticated tools to get machine or network access, and then watched for them.

“The discovery, however, does provide an opportunity to remind webmasters that their FTP credentials should be protected and treated with as much care as banking credentials.  Try to only use them from computers that are known to be secure.  The bad guys want your login.”

Here are a few password tips to keep in mind:

  • Always use strong passwords.  Here’s a nice primer on how to create strong passwords.
  • Don’t use the same password for all your online accounts.  Sure, it's easier, but the flipside is that if your password is hacked for one account, then the password you use for your other accounts is compromised also.
  • Change your password to sensitive accounts at least every couple of months.  That way, even if your account has been compromised, you’ve limited how long it stays that way.
  • Never leave a post-it note with your secret passwords stuck to your wall or on your desk.

Topics: security

Leave a Reply

Your email address will not be published. Required fields are marked *


Free Trials

Getting started has never been easier. Download a trial today.

Download Free Trials

Contact Us

Let us know how we can help you. Focus on what matters. 

Send us a note

Subscribe to our Blog

Let’s stay in touch! Register to receive our blog updates.